Asterisk Development Team
2018-Mar-15 19:26 UTC
[asterisk-users] Asterisk 15.3.0 Now Available
The Asterisk Development Team would like to announce the release of Asterisk 15.3.0. This release is available for immediate download at http://downloads.asterisk.org/pub/telephony/asterisk The release of Asterisk 15.3.0 resolves several issues reported by the community and would have not been possible without your participation. Thank you! The following issues are resolved in this release: Security bugs fixed in this release: ----------------------------------- * ASTERISK-27658 - WebSocket frames with 0 sized payload causes DoS (Reported by Sean Bright) * ASTERISK-27583 - Segmentation fault occurs in asterisk with an invalid SDP fmtp attribute (Reported by Sandro Gauci) * ASTERISK-27582 - Segmentation fault occurs in Asterisk with an invalid SDP media format description (Reported by Sandro Gauci) * ASTERISK-27618 - Crash occurs when sending a repeated number of INVITE messages over TCP or TLS transport (Reported by Sandro Gauci) * ASTERISK-27640 - SUBSCRIBE message with a large Accept value causes stack corruption (Reported by Sandro Gauci) New Features made in this release: ----------------------------------- * ASTERISK-27117 - core: Add support for timelen parsing to ast_parse_arg and ACO. (Reported by Corey Farrell) Bugs fixed in this release: ----------------------------------- * ASTERISK-27703 - AMI Action VoicemailUsersList returns 0 MessageCount (Reported by S??bastien Duthil) * ASTERISK-27659 - Output from rawman truncated if output is long enough (Reported by Bojan Nem??i??) * ASTERISK-27692 - bridging: Sometimes cloning the stream topology causes a crash (Reported by Richard Mudgett) * ASTERISK-27488 - core: If frame with unnegotiated format is read crash will occur (Reported by S??bastien Duthil) * ASTERISK-24386 - Asterisk "doc/lang/language-criteria.txt" needs update or removal. (Reported by Rusty Newton) * ASTERISK-27689 - [patch] rtp_engine: Load format name / mime type in uppercase again. (Reported by Alexander Traud) * ASTERISK-27679 - res_pjsip: Endpoint destruction does not free DTLS configuration (Reported by Mak Dee) * ASTERISK-27684 - [patch] install_prereq: Update OpenBSD libraries. (Reported by Alexander Traud) * ASTERISK-27681 - [patch] BuildSystem: Enable IMAP storage on OpenBSD. (Reported by Alexander Traud) * ASTERISK-27680 - [patch] res_calendar: Specialized calendars depend on symbols of general calendar. (Reported by Alexander Traud) * ASTERISK-27677 - [patch] BuildSystem: Enable system provided libedit on OpenBSD. (Reported by Alexander Traud) * ASTERISK-27670 - [patch] BuildSystem: Remove chan_h323 leftovers. (Reported by Alexander Traud) * ASTERISK-27595 - [patch] BuildSystem: Invoke ldconfig with previous paths. (Reported by Alexander Traud) * ASTERISK-27631 - [patch] BuildSystem: Do not warn when bash is not installed. (Reported by Alexander Traud) * ASTERISK-27666 - chan_sip: Crash processing CANCEL request (Reported by Leandro Dardini) * ASTERISK-27584 - Internal pjproject build doesn't disable bcg729 (Reported by Stuart Henderson) * ASTERISK-27669 - [patch] codecs: Add support for WebRTC iLBC 2.0. (Reported by Alexander Traud) * ASTERISK-27642 - [patch] backtrace: Avoid -Wlogical-not-parentheses. (Reported by Alexander Traud) * ASTERISK-27555 - [patch] install_prereq: Update Debian/Ubuntu libraries. (Reported by Alexander Traud) * ASTERISK-27656 - CDR: Leaking channel snapshots allocated by stasis_channel.c (Reported by Kristijan Vrban) * ASTERISK-27426 - chan_console: cannot read and write at the same time with alsa backend (Reported by Tzafrir Cohen) * ASTERISK-27621 - (null) string tailing after AsyncAGIEnd AMI event (Reported by sungtae kim) * ASTERISK-27652 - Null pointer Crash in PJSIP MWI (Reported by Joshua Elson) * ASTERISK-27571 - res_pjsip: If SIP response is received during shutdown a crash may occur (Reported by Joshua Colp) * ASTERISK-27612 - Subscriptions Persist After Expiration and TCP/TLS Disconnect (Reported by Ross Beer) * ASTERISK-27637 - [patch] BuildSystem: Enable autotools in FreeBSD. (Reported by Alexander Traud) * ASTERISK-27635 - [patch] app_voicemail: Avoid always true warnings with clang. (Reported by Alexander Traud) * ASTERISK-27599 - [patch] install_prereq: Update RHEL/CentOS/Fedora libraries. (Reported by Alexander Traud) * ASTERISK-26563 - core: macOS devmode build fails: variable 'freeswap' set but not used (Reported by David M. Lee) * ASTERISK-27630 - [patch] editline: Avoid shifting a negative signed value. (Reported by Alexander Traud) * ASTERISK-16172 - Problems with siren14 codec; problems with siren7 sound files. (Reported by Steve Murphy) * ASTERISK-16951 - [patch] configure.ac in 1.4.37 broken with autoconf 2.60 (Reported by St??phan Kochen) * ASTERISK-27603 - [patch] install_prereq: Download latest Jansson. (Reported by Alexander Traud) * ASTERISK-27607 - [patch] res_config_mysql: Avoid the header mysql_version.h. (Reported by Alexander Traud) * ASTERISK-24598 - When running ./contrib/scripts/install_prereq install-unpackaged pjproject is installed in wrong place (Reported by PowerPBX) * ASTERISK-27602 - [patch] BuildSystem: AC_CONFIG_AUX_DIR needs a directory. (Reported by Alexander Traud) * ASTERISK-27600 - [patch] BuildSystem: Allow make clean all again. (Reported by Alexander Traud) * ASTERISK-27598 - [patch] install_prereq: Support package manager DNF. (Reported by Alexander Traud) * ASTERISK-26596 - Placing call on hold temporarily locks up set (Reported by Igor Goncharovsky) * ASTERISK-27596 - [patch] BuildSystem: Use the detected name for MD5 everywhere. (Reported by Alexander Traud) * ASTERISK-27594 - [patch] BuildSystem: Invoke install not in GNU but POSIX style. (Reported by Alexander Traud) * ASTERISK-27593 - [patch] BuildSystem: In OpenBSD, xmlstarlet is xml. (Reported by Alexander Traud) * ASTERISK-27592 - [patch] BuildSystem: Detect external library Lua in version 5.3. (Reported by Alexander Traud) * ASTERISK-26832 - res_pjsip: Segfault when calling pjsip_hdr_print_on in sip_msg.c:581 (Reported by Ross Beer) * ASTERISK-27589 - [patch] BuildSystem: Avoid $EUID and use id -u instead. (Reported by Alexander Traud) * ASTERISK-27585 - [patch] BuildSystem: Resolve resolv.h not via Generic but Particular Header-Check. (Reported by Alexander Traud) * ASTERISK-27575 - menuselect : remove obsolete TRACE_FRAMES compiler flag (Reported by Jean Aunis - Prescom) * ASTERISK-27576 - [patch] res_config_pgsql: Avoid typecasting an int to unsigned char. (Reported by Alexander Traud) * ASTERISK-27560 - [patch] clang 5 does not know -Wno-format-truncation (Reported by Alexander Traud) * ASTERISK-27578 - [patch] app_osplookup.c: Avoid a format truncation. (Reported by Alexander Traud) * ASTERISK-27577 - [patch] chan_ooh323: Avoid typecasting an int to unsigned short. (Reported by Alexander Traud) * ASTERISK-27491 - res_pjsip_endpoint_identifier_ip only matches against header if match by ip fails (Reported by George Joseph) * ASTERISK-27534 - chan_sip: Assumes iostream is non-NULL when it may not be (Reported by Lubos Dolezel) * ASTERISK-27549 - [patch] translate: Avoid absolute value on unsigned substraction. (Reported by Alexander Traud) * ASTERISK-27566 - res_pjsip_session: Improve WebRTC interop with bundling during renegotiation (Reported by Joshua Colp) * ASTERISK-27553 - [patch] res_curl: Avoid error message on unload. (Reported by Alexander Traud) * ASTERISK-27557 - [patch] clang 5.0: implicit conversion to char changes value to negative. (Reported by Alexander Traud) * ASTERISK-27550 - [patch] bridge_softmix: Avoid warning about an uninitialized variable. (Reported by Alexander Traud) * ASTERISK-27559 - [patch] editline: Avoid comparison between pointer and zero character constant. (Reported by Alexander Traud) * ASTERISK-27558 - [patch] codec_gsm: Avoid shifting a negative signed value. (Reported by Alexander Traud) * ASTERISK-25329 - Asterisk configure fails on 'cannot find ptlib-config', despite ptlib-config existing (Reported by Rusty Newton) * ASTERISK-27552 - [patch] chan_ooh323: Limit outgoinglimit to positive values as intended. (Reported by Alexander Traud) * ASTERISK-27551 - [patch] ooh323cDriver: Fix typo in header guard. (Reported by Alexander Traud) * ASTERISK-26046 - [patch] Avoid obsolete warnings on autoconf. (Reported by Alexander Traud) * ASTERISK-27539 - 'cdr submit' fails: batch mode not enabled. (Reported by Tzafrir Cohen) * ASTERISK-27498 - ICE candidate parser - ICE foundation parsing too short (Reported by Michele Pr??) * ASTERISK-27366 - Asterisk Turkish Language Set Problem (Reported by Halil ??brahim YILDIZ) * ASTERISK-23133 - Documentation fix - MASTER_CHANNEL Unexpected Behaviour (Reported by Shane Mitchell) * ASTERISK-27531 - Compiler optimizations can break module load sequence. (Reported by abelbeck) * ASTERISK-27480 - Security: Authenticated SUBSCRIBE without Contact crashes asterisk (Reported by Ross Beer) * ASTERISK-24198 - Typo's (Reported by Walter Doekes) * ASTERISK-27229 - bridge: Old channel video source not set to NULL after unref (Reported by Richard Kenner) Improvements made in this release: ----------------------------------- * ASTERISK-27683 - [patch] BuildSystem: Allow newer autotools on OpenBSD. (Reported by Alexander Traud) * ASTERISK-27348 - [patch]contrib/scripts: add a way to migrate from chan_sip to chan_pjsip realtime (Reported by Torrey Searle) * ASTERISK-27651 - app_confbridge: Add Muted to ConfbridgeJoin and channel snapshot headers to ConfbridgeList AMI events (Reported by Richard Mudgett) * ASTERISK-27647 - app_confbridge/bridge_softmix: When channel muted report talking stopped if was talking. (Reported by Richard Mudgett) * ASTERISK-27084 - Reduce verbosity while loading PBX extensions. (Reported by Ludovic Gasc (Eyepea)) * ASTERISK-24372 - [patch] Add config option to play a prompt to the "winner" in app_followme (Reported by Graham Mainwaring) * ASTERISK-27461 - 3PCC patch for AMI "SIPnotify" (Reported by Yasuhiko Kamata) For a full list of changes in this release, please see the ChangeLog: http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-15.3.0 Thank you for your continued support of Asterisk! -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.digium.com/pipermail/asterisk-users/attachments/20180315/2e8919df/attachment.html>